Observations on articles I read to keep current about technology. My interests are: Privacy, security, business, the computer industry, and geeky stuff that catches my eye.

I don't think I have an agenda beyond my own amusement.

Note that I lump all my comments into a single post. This is not a typical BLOG technique; it's just an indication that I'm lazy.

Saturday, October 13, 2018

It’s time once again for the
Privacy Foundation at University of Denver Sturm College of Law to
have its fall seminar! It will be taking place October
26th,
from 10:00am-1:00pm (with lunch to follow) at the Ricketson Law
Building. The topic is: The EU GDPR (General Directive on Privacy
Regulation): Impact on the U.S.

Three CLE
credits are pending. The seminar will be free to DU
Faculty/Staff/Students/Mentors, and $30 for the general public;
additional contributions to the Privacy Foundation, a 501(c)(3)
non-profit, are always welcome. You can find all this information
and register online at: http://dughost.imodules.com/gdpr.

FitMetrix,
a fitness technology and performance tracking company owned by gym
booking giant Mindbody, has exposed millions of user records because
it left several of its
servers without a password.

The company builds fitness tracking
software for gyms and group classes that displays heart rate and
other fitness metric information for interactive workouts. FitMetrix
was
acquired by gym and wellness scheduling service Mindbody earlier
this year for $15.3 million, according to a
government filing.

Last week, a security researcher found
three FitMetrix unprotected servers leaking customer data.

Twitter
Under Formal Investigation for How It Tracks Users in the GDPR Era

… When Twitter users put links into tweets, the service applies its own
link-shortening service, t.co, to them. Twitter says
this allows the platform to measure how many times a link has been
clicked, and helps it to fight the spread of malware through dodgy
links.

However, privacy researcher Michael Veale, who
works at University College London, suspects that Twitter gets more
information when people click on t.co links, and that it might use
them to track those people as they surf the web, by leaving cookies
in their browsers.

As is his right under the new General
Data Protection Regulation (GDPR)—the sweeping set of privacy
rules that came into effect across the EU in May—Veale asked
Twitter to give him all the personal data it holds on him.

The company refused to hand over the data it
recorded when Veale clicked on links in other people’s tweets,
claiming that providing
this information would take a disproportionate effort.
So, in August, Veale complained to the Irish Data Protection
Commission (DPC), which on Thursday told him it was opening an
investigation. As is common with big tech firms, Twitter’s
European operations are headquartered in Dublin, which is why Veale
complained in Ireland.

Flipkart and Amazon are leading an online sales
bonanza that will see Indians buy smartphones worth over $1 billion
in just five days, according to tech consultancy Counterpoint
Research.

Bangalore-based Flipkart said it sold
1 million devices during the first hour of an online phone
sale on Thursday that was part of its "Big Billion Days"
shopping festival. By the end of the day, it had sold more than 3
million phones.

… More than 300 million Indians now have
smartphones, a number that is growing
rapidly as tech companies and the Indian government attempt to
bring the rest of the country's 1.3 billion people online.

The U.K., the Netherlands and other European Union
governments are pushing the bloc to expand the scope of its sanctions
regime to include cyber attacks, following alleged attempts by
Russian and Chinese operatives to infiltrate the computer systems of
agencies in Europe and the U.S.

The EU has sanctions protocols in place targeting
states for violating nuclear and chemical weapons treaties or
harboring terrorism. Now the group of countries, that also includes
Estonia, Finland, Lithuania and Romania, wants the bloc to introduce
a similar system against the individuals and organizations that are
behind cyber-attacks, according to a memo obtained by Bloomberg. EU
leaders are slated to discuss security next week in Brussels.

… EU sanctions typically take the form of
asset freezes against companies and individuals and travel bans
against individuals. The bloc also has the ability to apply broader
economic penalties – a policy used against Russia over its
encroachment in Ukraine.

The group is recommending that cyber penalties
focus on individuals and entities. It said the door should also be
left open to making cyber-crimes also subject to “sectoral
measures.”

… Attributing cyber attacks remains a key
hurdle to any sanctions regime, as bad actors often try to fake data
points like internet protocol addresses and domain names that could
trace back to them. The countries in their memo, however, pointed to
detailed and well-researched reports produced by the private sector
using open source evidence.

“The lack of an international response leads”
actors to conclude that malicious cyber activity is “low cost,”
the countries wrote. “Restrictive measures would be a powerful
[??? Bob] tool
to change behavior through signaling at a political level that
malicious cyber activity has consequences.”

The conservative site, run by the blogger
John Hawkins, had created a series of Facebook pages and accounts
over the last year under many names, according to Facebook.

After Dr. Blasey testified, Right Wing News posted
several false stories about her — including the suggestion that her
lawyers were being bribed by Democrats — and then used the network
of Facebook pages and accounts to share the pieces so that they
proliferated online quickly, social media researchers said.

The result was a real-time spreading of
disinformation started by
Americans, for Americans.

… This month, Twitter took down a network of
50 accounts that it said were being
run by Americans posing as Republican state lawmakers.
Twitter said the accounts were geared toward voters in all 50 states.

On Thursday, Facebook said it had identified 559
pages and 251 accounts run by Americans, many of which amplified
false and misleading content in a coordinated fashion. The company
said it would remove the pages and accounts.

… Though the details are still being worked
out, it’s almost certain that all of us will need our genetic
information to be safeguarded, even if you do decide to turn down a
well-meaning gift
of a free DNA test. According to the researchers, it will take only
about 2 percent of an adult population having their DNA profiled in a
database before it becomes theoretically possible to trace any
person’s distant relatives from a sample of unknown DNA—and
therefore, to uncover their identity. And we’re getting ever
closer to that tipping point.

“Once we reach 2 percent, nearly everyone will
have a third cousin match, and a substantial amount will have a
second cousin match,” Erlich explained. “My prediction is that
for people of European descent, we’ll reach that threshold within
two or three years.”

A Future
Where Everything Becomes a Computer Is as Creepy as You Feared

… The industry’s new goal? Not a computer
on every desk nor a connection between every person, but something
grander: a computer inside
everything, connecting everyone.

Cars, door locks, contact lenses, clothes,
toasters, refrigerators, industrial robots, fish tanks, sex toys,
light bulbs, toothbrushes, motorcycle helmets — these and other
everyday objects are all on the menu for getting “smart.”
Hundreds of small start-ups are taking part in this trend — known
by the marketing catchphrase “the internet of things” — but
like everything else in tech, the movement is led by giants, among
them Amazon, Apple and Samsung.

I suspect each member hires people who actually
understand social media to Tweet, mail, post, blog or whatever. Do
they understand the impact of those whatevers? Do they actually
analyze the input they (could) receive?

“Communication between Members of Congress and
their constituents has changed with the development of online social
networking services. Many Members now use email, official websites,
blogs, YouTube channels, Twitter, Facebook, and other social media
platforms to communicate—technologies that were nonexistent or not
widely available just a few decades ago. Social networking services
have arguably
enhanced the ability of Members of Congress to fulfill their
representational duties by providing them with greater opportunities
to share information and potentially to gauge constituent preferences
in a real-time manner. In addition, electronic communication has
reduced the marginal cost of communications. Unlike with postal
letters, social media can allow Members to reach large numbers of
constituents for a fixed cost. This report examines Member adoption
of social media broadly. Because
congressional adoption of long-standing social media platforms
Facebook, Twitter, and YouTube is nearly ubiquitous, this report
focuses on the adoption of other, newer social media platforms.
These include Instagram, Flickr, and Google+, which have each been
adopted by at least 2.5% of Representatives and Senators.
Additionally, Members of Congress have adopted Snapchat, Medium,
LinkedIn, Pinterest, Periscope, and Tumblr at lower levels. This
report evaluates the adoption rates of various social media platforms
and what the adoption of multiple platforms might mean for an
office’s social media strategy. Data on congressional adoption of
social media were collected by an academic institution in
collaboration with the Congressional Research Service during the
2016-2017 academic year. This report provides a snapshot of a
dynamic process. As with any new technology, the number of Members
using any single social media platform, and the patterns of use, may
change rapidly in short periods of time. As a result, the
conclusions drawn from these data cannot necessarily be generalized
or used to predict future behavior.”

The lawyer most responsible for winning a $289
million verdict against Bayer AG may end up wiping it out.

Brent Wisner was the lead trial attorney who in
August convinced a jury that Monsanto Co.’s Roundup weed killer
caused his client’s cancer. His compelling arguments and
marshaling of evidence resulted in a blockbuster verdict that has
spooked investors looking ahead to thousands of similar lawsuits
across the U.S. pending against Monsanto, which Bayer acquired in
June.

But Wisner’s closing arguments at trial irked
the judge handling the case so profoundly that she’s considering
tossing the verdict and ordering a new trial. The lawyer told jurors
that Monsanto executives in a company board room were "waiting
for the phone to ring" and that "behind them is a bunch of
champagne on ice," according to a court filing. He said that
“if the damages number isn’t significant enough, champagne corks
will pop.”

At a hearing Wednesday, San Francisco Judge
Suzanne Ramos Bolanos cited a number of reasons why she’s inclined
to set aside or dramatically cut the verdict. But she singled out
the champagne comment as she questioned whether Wisner’s
impassioned rhetoric crossed a line. Wisner also told jurors their
decision could “change the world” and they could become a “part
of history.” Bolanos said the comments may prove “sufficiently
prejudicial” to warrant a new trial.

Imagine if your neighborhood grocery or
convenience store offered one-hour, on-demand fulfillment — not
through intermediaries like Postmates or Instacart, but entirely
in-house — and made a profit on every order. As fantastical as the
idea might seem, that’s the promise of CommonSense
Robotics, an Israeli micro-fulfillment startup that today
launched its first autonomous sorting and shipping center in downtown
Tel Aviv.

… thanks to a combination of robotic sorting
systems and artificially intelligent (AI) software, it can prepare
orders faster than the average team of human workers — typically in
less than three minutes.

The
Business Journals [paywall]: “Boston-based Ropes & Gray
partner Douglas
Meal, one of the most sought-after data privacy and cybersecurity
attorneys in the country, typically charges $1,550
an hour for his services, according to a recent court filing.
The filing offers a rare public glimpse into what some of the
attorneys at Boston’s largest law firm bill on an hourly basis. It
was made last week in a landmark case before a federal appeals court
over the Federal Trade Commission’s ability to punish businesses
for consumer data breaches. Ropes and other firms that worked on the
case are asking the court to require the U.S. government to pay their
attorneys’ fees, which is sometimes allowed in cases involving the
government. Ropes’ client, an Atlanta medical laboratory named
LabMD, is now out of business because of the litigation
brought against it by the FTC [added link to FTC case summary,
timeline and filings/documents], according to the firm. The appeals
court sided with LabMD and against the FTC in the case. Ropes
disclosed the typical hourly rates of Meal and other attorneys to
show the court that they are offering to take a significant discount
for their work on the case…”

First Joshua Browder went after parking tickets,
building a bot that helped hundreds of thousands of users challenge
their fines.

Then, the 21-year-old student broadened his focus,
expanding into everything from landlord disputes to chasing
compensation for lost luggage on flights.

In 2018, Browder took aim at Equifax after a data
breach exposed the personal data the firm held on tens of millions of
Americans, and his app DoNotPay was used
to help file 25,000 lawsuits against the company.

The British entrepreneur is now expanding into
privacy and data security. On Wednesday, he announced that DoNotPay
will now help users easily
lock the privacy settings on their social media accounts —
and help sue those companies that expose users' data through hacks
and breaches.

… DoNotPay is a tool that provides automated,
free legal assistance. The user writes in what they need help with,
and they're then asked relevant questions before being given
appropriate documentation or guidance on how to tackle their problem
— from flight refunds to maternity leave requests — sidestepping
the need for traditional (and costly) legal guidance.

There's two strands to Wednesday's update. The
first is focused on privacy, and helps users lock down their accounts
from prying eyes. It automatically makes a series of what Browder
calls "no brainer" changes to users' settings on Facebook,
Instagram, and Twitter — like disabling personalized Twitter ads,
deleting your call and text history from Facebook, and stopping other
accounts seeing when you're online on Instagram.

uja Amin of Womble Bond Dickinson writes about a
complaint that may be of interest to some readers:

…Just before the alert was sent out, Judge
Katherine Polk Failla, rejected three self-represented New Yorkers’
request for a preliminary injunction to halt the test of the
Presidential Alert system, apparently finding Plaintiffs’ claims
“too speculative.” The New York Plaintiffs had filed their
lawsuit, Nicholas v. Trump, case number 1:18-cv-08828, on
September 26, 2018 in the Southern District Court of New York against
Donald Trump and the head of FEMA, arguing that the new system
violates First and Fourth Amendments of the U.S. Constitution.

In
their complaint, the Plaintiffs proclaim that they are “American
citizens who do not wish to receive text messages, or messages of any
kind, on any topic or subject, from Defendant Trump.” Citing the
Carpenter
v. United States decision we discussed here on TCPALand a
few months back, Plaintiffs allege that these messages allow the
government “to trespass into and hijack” cellular devices without
explicit consent, which violates the “Fourth Amendment right to
privacy in their cellular devices.”

“The rules of procedure that govern proceedings
concerning discovery, disclosure, and admissibility have to be
flexibly applied to fit each technology that produces the evidence
being dealt with because
technology cannot be made to change its nature to suit rules of
procedure. That is particularly important for those
sources of very frequently used kinds of evidence such as, electronic
records management systems (records now being the most frequently
used kind of evidence), mobile phone tracking evidence,
breathalyzer/intoxilyzer devices, and, TAR (technology assisted
review) software programs that are used to conduct the “records
review stage” of electronic discovery proceedings. Motivations to
limit the time and cost of legal proceedings by limiting the issues
to be decided are now outmoded because the more complex the sources
of evidence become, the greater are the number and complexity of
issues of law and fact that must be decided to determine the
reliability of such evidence and adequacy of its production. And,
the more complex a
technology, the more ways it has to break down. And so, a
motor vehicle has more ways, and therefore a greater probability to
perform inadequately than does a bicycle. As a result, when society
becomes dependent upon a more complex technology, legal proceedings
must be expected to take longer and cost more. And so, mass
transportation based upon motor vehicles, has imposed a vastly
greater burden upon the justice system than did mass transportation
based upon horses. But technology is constantly changing and so
lawyers’ education has to change accordingly so that they can
challenge the reliability of complex technology’s sources of
evidence. Specialist legal research lawyers, able to advise all
lawyers as to the nature and vulnerabilities of such technology will
have to be formally recognized by law societies, and made available
in law society-sponsored centralized legal research support services,
operated at cost, per case so serviced. How else to provide the
legal profession at large with such complex and ever-changing
information with which to compose its cross-examinations and
arguments adequately? That includes arguments as to why and how the
rules of procedure must be flexibly applied so as to know, for
example, the exact point at which the onus of proof can in fairness
be transferred to the opposing party to provide “evidence to the
contrary.” Given that technology is a constantly evolving, moving
target, how to teach lawyers and law students about such factors as,
software errors rates and architecture, the strengths and
vulnerabilities of particular technologies, its national and
international standards, and the requirements for its adequate
manufacture, usage, and maintenance? Very little of that has an
adequate legal infrastructure. Manufacturing motor vehicles
allegedly does. Nevertheless, every year its manufacturers must
recall millions of automobiles that they have inadequately made.

Technology that produces such evidence
raises issues as to the reliability of software. The technical
literature warns repeatedly, we trust software far too much. And so
knowledge of technology is essential to “doing justice.”
Otherwise, by default lawyers treat its sources of evidence as being
infallible. It is far from that. And therefore, so are the rules of
procedure that govern the use of such evidence. Blame lawyers; not
judges. Judges must decide cases using only the evidence and
argument provided by lawyers. Their purpose is to decide disputes;
not to educate lawyers. The legal profession is just another
industry that must keep up with technology in law and practice, or be
bypassed by technology…”

The U.S. Department of Defense said on Wednesday
that a memo purporting to show the Pentagon asking for a national
security review of chipmaker Broadcom Inc’s $19 billion deal to buy
software company CA Technologies was likely fake.

… The Pentagon is looking into who wrote the
fake memo, according to a spokeswoman. She said they considered it
likely to be fake based on an initial assessment.

… Senator Rand Paul’s office, however,
reiterated his call for a national security review of the deal,
denying that a memo was behind the lawmaker’s request for a review.

… streaming
continues to dominate music listening, with 86% of respondents
engaging in music that way, with 57% in the 16- to 24-year-old demo
using a paid audio service. Another finding shows nearly half of the
time spent listening to on-demand music is through YouTube,
with 52% of that total on video streaming, 28% on paid audio
streaming and 20% on free audio streaming.

… Still copyright infringement remains an
issue, with 38% of consumers obtaining music through infringing
methods, stream ripping dominating with 32% of the audience.

EU
hijacking: self-driving car data will be copyrighted...by the
manufacturer

Today, the EU held a routine vote on regulations
for self-driving cars, when something decidedly out of the ordinary
happened...

The autonomous vehicle
rules contained a clause that affirmed that "data generated by
autonomous transport are automatically generated and are by nature
not creative, thus making copyright protection or the right on
databases inapplicable."

This is pretty inoffensive stuff. Copyright
protects creative work, not factual data, and the telemetry generated
by your car – self-driving or not – is not copyrighted.

But just before the vote, members of the European
Peoples' Party (the same bloc that pushed through the catastrophic
new Copyright
Directive) stopped the proceedings with a rare "roll call"
and voted down the clause.

In other words, they've snuck in a space for the
telemetry generated by autonomous vehicles to become someone's
property.

Amazon recently made headlines by announcing that
it would voluntarily increase its minimum hourly wage to $15. With a
federal minimum wage of only $7.25, this pledge might seem like a
curious decision — especially for a company as laser-focused on
cost containment as Amazon. But thinking only about the costs
involved in raising wages misses a key issue: pay hikes can also
boost workplace productivity.

Given Amazon’s well-deserved reputation as a
data-driven (and long-term oriented) company, you can bet that
Amazon’s management team has done the analysis and figured out that
paying employees more is, from a business perspective, more benefit
than cost. They’re not the first company to make a decision like
this — most notably, Walmart set a minimum wage of $11
earlier in 2018 — and we hope others come to realize that paying
workers more can be a matter of enlightened self-interest.

… First, higher wages allow firms to attract
and retain better employees (assuming competitors don’t follow suit
and raise their wages as well). But there is an important — and
often overlooked — second effect. Paying wages that are above the
market rate (known within economics as “efficiency wages”) can
also be an important motivating force for your existing employee
base. The intuition is straightforward: higher wages make
a job more desirable. This leads to a larger applicant
pool waiting to take over when openings occur, and makes
it easier to replace a slacker employee. It also means
that workers have more to lose by slacking off — who cares if
you’re fired from a $7.25 an hour job, but where else will you find
somewhere that pays $15 per hour?

The concept of efficiency wages is an old idea,
dating back at least to Henry Ford’s introduction of the “five
dollar day” in 1914, at a time when the daily wage at manufacturing
plants near his Highland Park factory was $2.30. Ford
himself called it his finest cost-cutting move, because of
the boost to productivity that came as a result.

The Pentagon only
recently made cybersecurity a priority, the Government Accountability
Office says in a new report, which found vulnerabilities in weapons
that are under development.

Passwords that took seconds to guess, or were
never changed from their
factory settings. Cyber vulnerabilities that were known,
but never fixed. Those are two common problems plaguing
some of the Department of Defense's newest weapons systems, according
to the Government Accountability Office.

The flaws are highlighted in
a new GAO report, which found the Pentagon is "just
beginning to grapple" with the scale of vulnerabilities in its
weapons systems.

… The most capable workers – experts who can
find vulnerabilities and detect advanced threats – can earn "above
$200,000 to $250,000 a year" in the private sector, the GAO
reports, citing a Rand study from 2014. That kind of salary, the
agency adds, "greatly exceeds DOD's pay scale."

John R. Allen – President, The Brookings
Institution: “Emerging technologies of the 21st century are poised
to fundamentally transform modern society. Artificial intelligence,
advanced robotics, and other emerging technologies are upending
everything from transportation to manufacturing to health care, and
as these and related technologies mature, they will have far-reaching
impacts over our work, our lives, our security, and our politics.
From gene-editing to quantum computing, each of these technologies
represent substantial challenges and novel solutions to myriad
problems, and are just a glimpse of what the future holds. And if
society is to fully embrace the full range of social and political
changes that these technologies will introduce, then we need to be
thinking now about how best to maximize the benefits of these
technologies while minimizing the risks to humanity along the way.
The research community has a critical role to play in informing
policymakers of the coming challenges associated with emerging
technologies, and here, Brookings intends to be a leader. As a part
of a new effort, an impressive assembly of the Institution’s
scholars have stepped forward to address the complex challenges
associated with emerging technologies within the context of their
relevant areas of expertise. Each
of the papers in this series grapples with the impact of an emerging
technology on an important policy issue, pointing out both
the new challenges and potential policy solutions introduced by these
technologies. This
compendium showcases in no uncertain terms the enormity of the
changes to come, as well as many of the key policy imperatives as
we move forward in the 21st century.”

If you were entering the job market in the early
90s, most job
descriptions included “Macintosh experience” or “excellent
PC skills” in their preferred qualifications. This quickly became
a requirement for even the most non-technical jobs, forcing people
across every industry and age group to adapt with the changing times,
or risk getting left behind.

Today, the bar for computer proficiency is set
much higher. There’s an ever-increasing demand for people who can
leverage software to analyze, understand, and make day-to-day
business decisions based on data. Data Science is now a quickly
growing discipline, giving people with any kind of data expertise
a serious competitive edge.

Corporate leaders are becoming convinced of the
impact that effective data collection and analysis can have on the
bottom line, from tracking daily reports against Key Performance
Indicators to make informed decisions on where to spend marketing
dollars, to monitoring and evaluating customer communications to
adjust product offerings. Many are investing heavily in hiring
talent with data skills and building out data proficiency across the
organization.

Tuesday, October 09, 2018

Is the alternative to ignore Russia (et al) as they hack elections,
rob banks and shut down infrastructure, limiting our response to a
“stern warning” and sanctions of a few well insulated people who
will never be extradited?

… Wolff is right; this is reckless. In Click
Here to Kill Everybody, I argue for a "defense dominant"
strategy: that while offense is essential for defense, when the two
are in conflict it should take a back seat to defense. It's more
complicated than that, of course, and I devote a whole chapter to its
implications. But as computers and the Internet become more critical
to our lives and society, keeping it secure becomes more important
than using it to attack others.

Google will ditch
its bid for a cloud computing deal worth $10 billion with the
Pentagon, as its new ethical guidelines don’t align with the
requirements from the US Department of Defense (DoD).

The company said in a statement:

We couldn’t be assured that [the JEDI
deal] would align with our AI Principles and second, we determined
that there were portions of the contract that were out of scope with
our current government certifications.

Perspective. The flip side of having a global
audience hanging on your every tweet is knowing when to keep your
tweeter shut!

Phishing is nearly as old as email, but it is
still a major attack vector for cybercriminals. Some of the most
prominent cyber incidents of the past few years are the result of
phishing attempts. Despite the maturity of this problem, the
solutions proposed by the industry during the past decades haven't
been successful. At the recent Black Hat conference, several vendors
all offered the same tactic for squishing phishing: user training to
increase recognition of phishing attacks.

If that advice was going to work, it would have
started working more than a decade ago and we would not have the
scandals resulting from hacked political campaigns that have emerged
since 2016.

What was the pre-Internet equivalent? Spies
photographing the plans for new weapons? U2 overflights?

For years, the Kremlin's increasingly aggressive
hackers have reached across the globe to hit targets with everything
from simple
phishing schemes to worms
built from leaked NSA zero day vulnerabilities. Now, law
enforcement agencies in the US and Europe have detailed another, far
more hands-on tactic: Snooping on Wi-Fi from a vehicle parked a few
feet away from a target office—or even from a laptop inside their
hotel.

A hardware parallel for my Software Assurance
students. Maybe all those security claims are not exactly accurate?

The
Internet’s keepers? “Some call us hoarders—I like to say we’re
archivists”

… “I’ve got government video of how
to wash your hands or prep
for nuclear war,” says Mark Graham, director of the Wayback
Machine at the Internet Archive. “We could easily make a list of
.ppt files in all the websites from .mil, the Military Industrial
PowerPoint Complex.”

… And the immediate takeaway is that the scale
of the Internet Archive today may be as hard to fathom as the scale
of the Internet itself.

… The
archive also maintains a nearby warehouse for storing physical
media—not just books, but things like vinyl records, too. That’s
where Graham jokes the
main unit of measurement is “shipping container.” The archive
gets that much material every two weeks.

The company currently stands as the second-largest
scanner of books in the world, next to Google. Graham put the current
total above four million.

… Today,
books published prior to 1923 are free to download through the
Internet Archive, and a lot of the stuff from afterwards can be
borrowed as a digital copy.

… Of
course, the Internet Archive offers much more than text these days.
Its broadcast-news collection has more than 200 million hours with
tools such as the ability to search for words in chyrons and access
to recent news (broadcasts are embargoed for 24 hours and then
delivered to visitors in searchable two-minute chunks). The growing
audio and music portion of the Internet Archive covers radio news,
podcasting, and physical media (like a collection of 200,000
78s recently donated by the Boston Library). And as Ars has
written about, the organization boasts an
extensive classic video game collection that anyone can boot up
in a browser-based emulator for research or leisure. Officially,
that section involves 300,000-plus overall software titles, “so you
can actually play Oregon Trail
on an old Apple C computer through a browser right now—no
advertising, no tracking users,” Graham says.

… In
total, Graham says the Internet Archive adds
four petabytes of information per year
(that's four million
gigabytes, for context). The organization’s current data totals 22
petabytes—but the Internet Archive actually holds on to 44
petabytes worth. “Because we’re paranoid,” Graham says.
“Machines can go down, and we have a reputation.” That NASA-ish
ethos helped the non-profit once survive
nearly $600,000 worth of fire damage—all without any archived
data loss.

… Most of us fluctuate between email,
iMessage, G-chat, Slack, Instagram, Twitter, and Facebook every few
seconds for hours on end. The amount of reading that we do is more
than ever before, but when it comes to business one thing is for
sure: The more senior you
are, the faster your response time. CEOs tend to
respond faster than the majority of their employees. If you ever
email a CEO, no matter what level you are, you can expect a response
in under five minutes. If you don’t get one, I can assure you that
they immediately forwarded your email to someone else to respond to
it. Either way, it has been read.

Sunday, October 07, 2018

The Chinese
Motherboard Hack Is a Crisis, Even If It Didn’t Really Happen

… The report claims that Chinese spies
systematically infiltrated U.S. corporate and government computer
systems by installing hardware exploits on the motherboards of
servers destined for widespread use, from video-streaming services to
the CIA. According to Businessweek, the infected machines
provided a backdoor into any network on which the machines were
installed. The reporting claims that at least 30 U.S. companies were
affected, including Apple and Amazon, the most valuable companies in
the world. Both companies
have vociferously denied the claims, but Bloomberg stands
by its story.

The other half of this problem is, no matter what
the initial password is, users will want a simple password.

I’m really going to miss California when it
falls off into the Pacific some day.

Zack Whittaker reports:

Good news!

California has passed a law banning
default passwords like “admin,” “123456” and the old classic
“password” in all new consumer electronics starting in 2020.

Every new gadget built in the state from
routers to smart home tech will have to come with “reasonable”
security features out of the box. The
law specifically
calls for each device to come with a preprogrammed password
“unique to each device.”

It also mandates that any new device
“contains a security feature that requires a user to generate a new
means of authentication before access is granted to the device for
the first time,” forcing users to change the unique password to
something new as soon as it’s switched on for the first time.

With anonymity comes a release from morality? I
guess there are sick minds everywhere. I hope this does not become a
“thing” for high school kids. Should you shoot a video of the
people near you? I’m assuming that the weirdo wants to be close to
see your reaction.

Apple's AirDrop feature allows an iPhone user to
send photos, videos, documents and other files to other iPhone units
nearby. For AirDrop to work, both Wi-Fi and Bluetooth have to be
turned on. But some iPhone users are taking advantage of this
technology to send sexually explicit pictures to strangers. This act
even has its own name, "cyber-flashing."

… There is a way to prevent your iPhone from
receiving images sent via AirDrop without having to turn off Wi-Fi or
Bluetooth. Go to Settings and tap on General. Click on AirDrop. You
will have the option of making your phone discoverable to "Everyone,"
or your "Contacts only."

University
of Minnesota research shows how roads can be greener with driverless
vehicles

… The move to wrest the controls from human
drivers is gaining traction. The U has just received a $1.75 million
grant from the National Science Foundation to further study
autonomous vehicles and the future of transportation services.

… Already, researchers see big potential in an
anticipated ability of autonomous vehicles to follow more precise
paths, allowing roads to be much narrower, freeing up land for other
purposes. Car sharing may increase, allowing back alleys to be
redeveloped into pocket parks. Parking lots could become wetlands or
ponds.

About Me

I live in Centennial, Colorado. (I'm not actually 100 years old, but I hope to be some day.) I'm an independent computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local Universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.